[Snort-devel] [nobody at ...86...: ACID Incident Report]

Phil Wood cpw at ...86...
Sat Jul 28 22:12:29 EDT 2001


----- Forwarded message from nobody <nobody at ...86...> -----

Date: Sat, 28 Jul 2001 20:07:24 -0600
From: nobody <nobody at ...86...>
To: cpw at ...86...
Subject: ACID Incident Report
X-UIDL: 9e8536ee3c061d3ef988d88026639fdf


Generated by ACID v0.9.6b12 on Sat July 28, 2001 20:07:24

------------------------------------------------------------------------------
#(4 - 7932) [2001-07-28 11:17:15] [arachNIDS/203]  BACKDOOR Q access
IPv4: 255.255.255.255 -> 128.165.3.152
      hlen=5 TOS=0 dlen=43 ID=0 flags=0 offset=0 TTL=14 chksum=10385
TCP:  port=31337 -> dport: 515  flags=***A*R** seq=0
      ack=0 off=5 res=0 win=0 urp=0 chksum=56504
Payload:  length = 3

000 : 63 6B 6F                                          cko

----- End forwarded message -----

-- 
Phil Wood, cpw at ...86...





More information about the Snort-devel mailing list